Saturday, October 26, 2019
Basic Firewall Operation Computer Science Essay
Basic Firewall Operation Computer Science Essay A firewall is a piece of software or hardware that filters all networkà traffic between the computer, local network or commercial network andà Internet.à Firewall is a component of a computer system or networkà designed to block unauthorized access whileà allowedà communication.à It is a device or group of devicesà configuredà deny, encrypt, decrypt, or proxy all (inside and outside) trafficà teamà between different security domains based on a setà Firewalls can be implemented in hardware orà software,à orà a combination of both.à A firewall can be few rulesà determine what traffic isà being permitted inside or outside your home network.à Depending on theà typeà firewall in place, access to certainà IP addresses or domainà names, or you can block certain types of traffic by blockingà ofà TCP / IPà the ports they use.à There are basically four mechanisms used by serversà security limità traffic.à A device or program can use more than one of these inà relationshipà together for more depth protection.à The four mechanismsà ofà packet filtering, circuit-level gateway, theà proxy-server and applicationà Gateway. However, Firewall has some drawbacks.à Initial equipment cost is the main factor that determines theà Better communication technology network securityà required.à The firewall cannot protect against attacks that bypassà firewall.à Toà For example, dial-in and dial-out access.à The firewall does not protect against internal threats.à The firewall cannot protect against transmission of the virusà infectionà programs or files.à It would be impractical and perhapsà impossible to scanà all incoming files, emails and messages forà virusà Time to time, the use of cheaper Internet andà linksà much faster.à This leaves many people always want toà use long time. It isà increasing the exposure of computers to variousà threatsà Internet.à When using an anti-virus software protectsà computersà viruses, not other forms of Internet intruders.à A serverà Safetyà bodyguard keep between your computer and the Internet,à decide what doors to open, and that can come Overview of Firewall -II A firewall examines all traffic sent between two networks to see if it meets certain criteria. If so, is routed between the networks, otherwise it stops. A firewall filters incoming and outgoing traffic. You can also manage public access to private networked resources such as host applications. It can be used to record all attempts to enter the private network and trigger alarms when hostile or unauthorized entry attempt. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic depends on the protocol used, such as HTTP, FTP or Telnet. Firewalls can also filter traffic by packet attribute or state. A firewall cannot prevent individual users with modems to dial in or outside the network without going through the firewall at all. Employee misconduct or negligence cannot be controlled by firewalls. Policies regarding use and misuse of passwords and user accounts must be strictly enforced. These are management issues that must be asked in the planning of any security policy, but cannot be solved with firewalls alone. [5] 2.1Advantages of Firewalls Firewalls have a number of advantages. They can stop incoming requests for services, fundamentally insecure, as may be prohibited or rlogin RPC services such as NFS. They can control access to other services such as bars appellants from certain IP addresses, use the filtering service (incoming and outgoing), for example, to stop hiding information about FTP, in writing, for example, allowing access only to certain directories or systems Are more profitable than ensuring every guest on the corporate network, as it is often only one or a few systems firewall concentrate. They are safer for every guest, because of the complexity of the software on the machine which makes it easier for security holes appear. 2.2 Disadvantages of Firewalls Firewalls are not the alpha and omega of network security. They have some disadvantages, such as: It is a focal point for attack, and if a hacker penetrates the firewall that can have unlimited access to the corporate network. You can prevent legitimate users access to services of value, for example, business users will not be released to the web or when working outside the home to a business user can not access the organization track network. No protection against attacks from the back door, in May and encourage users enter and exit through the door, especially if the restrictions are too severe service. Examples of entry points to the back door of the network business are: modems, and import and export unit. The security policy should cover such aspects as well. They can be a bottleneck for the flow, since all connections must pass through the firewall system. Firewall systems themselves can not protect the network against smuggling of import or export of material to prohibit such game programs firewalls as attachments to email messages. Smuggling could also be an important source of infection if users download software from external newsletters recent Melissa virus and the Love Bug have been smuggled into the e-mails to unknown recipients. This is an area that security policy must be addressed. There are software programs that can help in this instance MIMEsweeper runs on the firewall and monitoring of e-mail attachments before you let them pass. It will remove potentially dangerous attachments or prevent the mail from all over. The main disadvantage of a firewall is that it protects against the aggressor inside. Like most computer crimes are perpetrated by corporate internal users, a firewall offers little protection against this threat. For example, an employee may not be able to email sensitive data on the site, but may be able to copy on a floppy and after it. Therefore, organizations need to balance the amount of time and money they spend on the firewall with one on other aspects of information security. [3] Firewall function III There are two methods of denial of access used by firewalls. A firewall may allow all traffic through unless it meets certain criteria, or you can deny all traffic unless it meets certain criteria (see Figure 3.1). The type of criteria used to determine whether to allow traffic through varies from one type of firewall to another. Firewalls may be concerned about the type of traffic, or source or destination addresses and ports. They can also use complex rule bases that analyze the application data to determine whether traffic should be allowed to pass. How a firewall determines what traffic to pass depends on the network layer it operates.[5] Figure 3.1: Basic Firewall Operation Firewall Types IV A real firewall is hardware and software that intercepts data between the Internet and your computer. All data traffic must pass through it, and the firewall allows the data is allowed through the corporate network. Firewalls are typically implemented using one of four major architectures: â⠬à Packet Filters â⠬à Application Gateways â⠬à Circuit -level Gateways â⠬à State -full inspection 3.1 Packet Filters The first line of defence in protecting firewalls and most fundamental is the packet filtering firewall. Packet filters operate at the network layer to examine incoming and outgoing packets and applying a fixed set of rules for determining whether packets are allowed to pass. The firewall packet filtering is generally very fast because it does not take into account some of these data in the packet. Just analyze the header of IP packet, IP addresses, source and destination, and combinations of ports and then applies filtering rules. For example, it is easy to filter all packets destined to port 80, which could be wearing a Web server. The administrator can decide which port 80 is off limits except to certain IP subnets, and a packet filter would suffice. Packet filtering is fast, flexible, transparent (no changes required on the client) and inexpensive. Most routers offer capacities of packet filtering and pure firewall packet filter does not require powerful hardware. This type of filter is commonly used in businesses small and medium enterprises that need to control users can or can not go. IP addresses can be distorted by this type of filter media itself is not sufficient to stop an intruder from accessing your network. However, a packet filter is an important component of a server solution for complete security. [4 vara] Fig 4.1 packet filtering[4] 3.2 Circuit-level Gateways A step above the standard packet filtering firewall, but still considered part of the same architecture, are the gates of the circuit, also known as Stateful Packet Inspection. In the circuit level firewall, all connections are monitored and connections that are deemed valid are allowed to cross the firewall. This usually means that the client behind the firewall can initiate any type of session, but customers outside the firewall can not see or connect to a machine protected by the firewall. State inspections usually occur in the network layer, which makes it fast and preventing suspect packets travel up the protocol stack. Unlike static packet filtering, however, an inspection of State takes decisions on the basis of all data in the packet (which corresponds to all levels of the OSI model). Using this information, the firewall builds dynamic state tables. Use these tables to keep track of connections through the firewall instead of allowing all packets meeting the requirements of all rules to adopt, allows only the packets that are part of a valid connection, prepared social. The firewall packet filtering is popular because they tend to be cheaper, faster and relatively easy to configure and maintain. [4vara] Fig. 7.2: Circuit Proxy 3.3 Application Proxies Working in the implementation of the OSI model, proxy firewall forces all client applications on workstations protected by the firewall to use the firewall as a gateway. The firewall allows each package for each different protocol. There are some drawbacks to using this type of firewall. Each client program must be configured to use a proxy, and not everyone can. In addition, the firewall must have a representative in the same for each type of protocol that can be used. This May, a delay in the implementation of new protocols, if the firewall does not. The penalty paid for this extra level of security is the performance and flexibility. Firewall proxy server processor and large memory to support many simultaneous users, and the introduction of new Internet applications and protocols can often involve long delays, while developing new powers to support them. True proxies are probably the safest, but to impose a surcharge on the network load. Dynamic packet filtering is definitely faster, but the highest end firewall these days are hybrids, incorporating elements of all architectures. [4vara] Fig. 7.3: Application Proxy 3.4 Stateful Inspection The optimal firewall is one that provides the best security with the fastest performance. A technique called Stateful Multi-Layer Inspection (SMLI) was invented to make security tighter while making it easier and less expensive to use, without slowing down performance. SMLI is the foundation of a new generation of firewall products that can be applied across different kinds of protocol boundaries, with an abundance of easy-to-use features and advanced functions. SMLI is similar to an application proxy in the sense that all levels of the OSI model are examined.Instead of using a proxy, which reads and processes each packet through some data manipulation logic, SMLI use traffic-screening algorithms optimized for high-throughput data parsing. With SMLI, each packet is examined and compared against known state (i.e., bit patterns) of friendly packets one of the advantages to SMLI is that the firewall closes all TCP ports and then dynamically opens ports when connections require them. This feature allows management of services that use port numbers greater than 1,023, such as PPTP, which can require added configuration changes in other types of firewalls. Statefu inspection firewalls also provide features such as TCP sequence-number randomization and UDP filtering. [5vara] Fig. 7.4 : Stateful Inspection firewalls inspect in each type Packet Filtering Data link header Internet header Transport header Application header Data Circuit Filtering Data link header Internet header Transport header Application header Data + Connection state Application Gateway Data link header Internet header Transport header Application header Data + Connection state application state Hardware Firewalls and Software Firewalls V 5.1 Hardware Firewalls Hardware firewall can be purchased as a standalone product, but more recently hardware firewalls are typically found in broadband routers, and should be regarded as an important part of your system and network settings, especially for those who have broadband. Hardware firewalls can be effective with little or no configuration, and can protect every machine on a LAN. Most hardware firewalls will have a minimum of four network ports to connect other computers, but for large networks, firewall solutions for enterprise networks are available. A hardware firewall uses packet filtering to examine the packet header to determine their origin and destination. This information is compared to a set of predefined rules or created by the user determine if the packet is sent or deleted.[2] As with any electronic equipment, a user with general computer skills can connect a firewall, adjust a few settings that work. To ensure that the firewall is configured for optimal security and protection, however, consumers certainly have to learn the features of your hardware firewall, to enable them, and how to test your firewall to secure your done a good job of protecting your network. Firewalls are not all equal, and it is important to read the manual and the documentation that came with the product. In addition the manufacturers site will generally have a database or FAQ to get you started. If the terminology is a bit too tech-oriented, you can use my library technical terms to help you get a better understanding of certain terms of technology and equipment is where you configure your hardware firewall. To test the security of your hardware firewall, you can buy third party software or a review of research on the Internet for a free online service that is based on testing of firewalls. Test firewall is an important element of maintenance to ensure that your system is configured for optimal protection provided.[2vara] Figure-1 Hardware Firewall Hardware firewall providing protection to a Local Network [3vara] 2.2 Software Firewalls For users of the detached house, choosing the most popular firewall is firewall software. Firewall software installed on your computer (like any software) and can be customized, allowing some control over its function and protection features. A firewall software to protect your computer from outside attempts to control or access your computer, and your choice of firewall software, you can provide protection against Trojans, the most common or e-mail to. Many software firewalls that the user defined controls for setting up files and share printers and block harmful applications from running on your system. In addition, the firewall software may also include access control, Web filtering and more. The disadvantage of software firewall is that it protects only the computer that are installed, no network, so that each team must have a software firewall is installed. [2] As hardware firewalls are a large number of firewalls to choose from. To begin, we recommend you read the comments of firewall software and search the product website to get some initial information. Because your firewall is always running on your computer, you must take note of system resources will be required to execute and possible incompatibilities with your operating system. A good software firewall will run in the background on your system and use only a small amount of system resources. It is important to monitor firewall software, once installed and to download updates provided by the developer. The differences between software and hardware firewall are enormous and the best protection for your computer and the network is to use both because each offers different, but very necessary for safety and performance. Update your firewall and your operating system is essential to maintain optimal protection because it is proof of your firewall to ensure it is connected and working properly. [2 vara] Figure-2 Computer with Firewall Software Computer running firewall software to provide protection [3 vara] Table 5.1: firewall comparison Advantages Disadvantages Hardware Firewall Operating system independent Not vulnerable to malicious attacks Better performance Focuses on only firewall-related duties Can be single point of failure Higher administrative overhead Higher cost to implement and maintain Software Firewall Less expensive to implement and maintain Lower administrative overhead Dependent upon host operating system Requires additional host hardware, Vulnerable to malicious attacks, Lower performance [6]
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.